diff options
-rw-r--r-- | wp-admin/edit-form-advanced.php | 5 | ||||
-rw-r--r-- | wp-admin/list-manipulation-js.php | 3 | ||||
-rw-r--r-- | wp-admin/post.php | 7 | ||||
-rw-r--r-- | wp-content/themes/default/footer.php | 3 | ||||
-rw-r--r-- | wp-content/themes/default/sidebar.php | 3 | ||||
-rw-r--r-- | wp-content/themes/home/home.php | 27 | ||||
-rw-r--r-- | wp-includes/author-template.php | 11 | ||||
-rw-r--r-- | wp-includes/wp-db.php | 4 | ||||
-rw-r--r-- | wp-includes/wpmu-functions.php | 13 | ||||
-rw-r--r-- | wp-login.php | 2 |
10 files changed, 53 insertions, 25 deletions
diff --git a/wp-admin/edit-form-advanced.php b/wp-admin/edit-form-advanced.php index 71eb46b..bb77ae0 100644 --- a/wp-admin/edit-form-advanced.php +++ b/wp-admin/edit-form-advanced.php @@ -216,8 +216,12 @@ if ( ! empty($pings) ) </fieldset> </div> +<div class="dbx-box-wrapper"> <fieldset id="postcustom" class="dbx-box"> +<div class="dbx-handle-wrapper"> <h3 class="dbx-handle"><?php _e('Custom Fields') ?></h3> +</div> +<div class="dbx-content-wrapper"> <div id="postcustomstuff" class="dbx-content"> <table cellpadding="3"> <?php @@ -232,6 +236,7 @@ list_meta($metadata); <div id="ajax-response"></div> </div> </fieldset> +</div> <?php do_action('dbx_post_advanced'); ?> diff --git a/wp-admin/list-manipulation-js.php b/wp-admin/list-manipulation-js.php index b767a76..8711b28 100644 --- a/wp-admin/list-manipulation-js.php +++ b/wp-admin/list-manipulation-js.php @@ -29,9 +29,6 @@ function WPAjax(file, responseEl){//class WPAjax extends sack WPAjax.prototype.init=function(f,r){ this.encVar('cookie', document.cookie); this.requestFile=f?f:'<?php echo $handler; ?>';this.getResponseElement(r);this.method='POST'; - this.onLoading=function(){this.myResponseElement.innerHTML="<?php _e('Sending Data...'); ?>";}; - this.onLoaded=function(){this.myResponseElement.innerHTML="<?php _e('Data Sent...'); ?>";}; - this.onInteractive=function(){this.myResponseElement.innerHTML="<?php _e('Processing Data...'); ?>";}; } function listMan(theListId){ diff --git a/wp-admin/post.php b/wp-admin/post.php index 62abfe9..a5046d1 100644 --- a/wp-admin/post.php +++ b/wp-admin/post.php @@ -93,13 +93,18 @@ case 'editpost': $post_ID = edit_post(); + $referredby = ''; + if ( !empty($_POST['referredby']) ) + $referredby = preg_replace('|https?://[^/]+|i', '', $_POST['referredby']); + $referer = preg_replace('|https?://[^/]+|i', '', wp_get_referer()); + if ($_POST['save']) { $location = wp_get_referer(); } elseif ($_POST['updatemeta']) { $location = wp_get_referer() . '&message=2#postcustom'; } elseif ($_POST['deletemeta']) { $location = wp_get_referer() . '&message=3#postcustom'; - } elseif (!empty($_POST['referredby']) && $_POST['referredby'] != wp_get_referer()) { + } elseif (!empty($referredby) && $referredby != $referer) { $location = $_POST['referredby']; if ( $_POST['referredby'] == 'redo' ) $location = get_permalink( $post_ID ); diff --git a/wp-content/themes/default/footer.php b/wp-content/themes/default/footer.php index a6cfd87..c95b405 100644 --- a/wp-content/themes/default/footer.php +++ b/wp-content/themes/default/footer.php @@ -1,9 +1,10 @@ +<?php $current_site = get_current_site(); ?> <hr /> <div id="footer"> <p> <?php bloginfo('name'); ?> is proudly powered by - <a href="http://wordpress.org/">WordPress</a> + <a href="http://mu.wordpress.org/">WordPress MU</a> running on <a href="http://<?php echo $current_site->domain . $current_site->path ?>"><?php echo $current_site->site_name ?></a>. <a href="http://<?php echo $current_site->domain . $current_site->path ?>wp-signup.php" title="Create a new blog">Create a new blog</a> and join in the fun! <br /><a href="feed:<?php bloginfo('rss2_url'); ?>">Entries (RSS)</a> and <a href="feed:<?php bloginfo('comments_rss2_url'); ?>">Comments (RSS)</a>. <!-- <?php echo get_num_queries(); ?> queries. <?php timer_stop(1); ?> seconds. --> diff --git a/wp-content/themes/default/sidebar.php b/wp-content/themes/default/sidebar.php index 0ce9b38..3dc24b1 100644 --- a/wp-content/themes/default/sidebar.php +++ b/wp-content/themes/default/sidebar.php @@ -58,6 +58,9 @@ <li><a href="http://validator.w3.org/check/referer" title="This page validates as XHTML 1.0 Transitional">Valid <abbr title="eXtensible HyperText Markup Language">XHTML</abbr></a></li> <li><a href="http://gmpg.org/xfn/"><abbr title="XHTML Friends Network">XFN</abbr></a></li> <li><a href="http://wordpress.org/" title="Powered by WordPress, state-of-the-art semantic personal publishing platform.">WordPress</a></li> + <?php $current_site = get_current_site(); ?> + <li><a href="http://<?php echo $current_site->domain . $current_site->path ?>wp-signup.php" title="Create a new blog">New Blog</a></li> + <li><a href="http://<?php echo $current_site->domain . $current_site->path ?>" title="<?php echo $current_site->site_name ?>"><?php echo $current_site->site_name ?></a></li> <?php wp_meta(); ?> </ul> </li> diff --git a/wp-content/themes/home/home.php b/wp-content/themes/home/home.php index 358f4a1..ac4754c 100644 --- a/wp-content/themes/home/home.php +++ b/wp-content/themes/home/home.php @@ -1,20 +1,33 @@ <?php get_header(); ?>
- <div id="content" class="widecolumn">
+<div id="content" class="widecolumn">
- <h2>WordPress µ</h2>
- <p>This is a <a href="http://mu.wordpress.org/">WordPress Mu</a> powered site.</p>
- <p>You can: <ul><li> <a href="wp-login.php">Login</a> </li><li> <a href="wp-signup.php">Create a new blog</a></li><li> Edit this file at <code>wp-content/themes/home/home.php</code> with your favourite text editor and customize this screen.</li></ul></p>
-<h3>News Blog</h3>
-
+<h2>WordPress µ</h2>
+<p>This is a <a href="http://mu.wordpress.org/">WordPress Mu</a> powered site.</p>
+<p>You can: <ul><li> <a href="wp-login.php">Login</a> </li><li> <a href="wp-signup.php">Create a new blog</a></li><li> Edit this file at <code>wp-content/themes/home/home.php</code> with your favourite text editor and customize this screen.</li></ul></p>
+<h3>The Latest News</h3>
<ul>
+<strong>Site News</strong>
<?php
query_posts('showposts=7');
if (have_posts()) : ?><?php while (have_posts()) : the_post(); ?>
<li><a href="<?php the_permalink() ?>" rel="bookmark" title="Permanent Link to <?php the_title(); ?>"><?php the_title();?> </a></li>
<?php endwhile; ?><?php endif; ?>
</ul>
-
+<?php
+$blogs = get_last_updated();
+if( is_array( $blogs ) ) {
+ ?>
+ <ul>
+ <strong>Updated Blogs</strong>
+ <?php foreach( $blogs as $details ) {
+ ?><li><a href="http://<?php echo $details[ 'domain' ] . $details[ 'path' ] ?>"><?php echo get_blog_option( $details[ 'blog_id' ], 'blogname' ) ?></a></li><?php
+ }
+ ?>
+ </ul>
+ <?php
+}
+?>
</div>
<?php get_footer(); ?>
diff --git a/wp-includes/author-template.php b/wp-includes/author-template.php index f265b3b..c52a17e 100644 --- a/wp-includes/author-template.php +++ b/wp-includes/author-template.php @@ -133,7 +133,7 @@ function the_author_posts_link($idmode='') { echo '<a href="' . get_author_link(0, $authordata->ID, $authordata->user_nicename) . '" title="' . sprintf(__("Posts by %s"), wp_specialchars(the_author($idmode, false))) . '">' . the_author($idmode, false) . '</a>'; } -function get_author_link($echo = false, $author_id, $author_nicename) { +function get_author_link($echo = false, $author_id, $author_nicename = '') { global $wpdb, $wp_rewrite, $post, $cache_userdata; $auth_ID = $author_id; $link = $wp_rewrite->get_author_permastruct(); @@ -142,8 +142,11 @@ function get_author_link($echo = false, $author_id, $author_nicename) { $file = get_settings('home') . '/'; $link = $file . '?author=' . $auth_ID; } else { - if ( '' == $author_nicename ) - $author_nicename = $cache_userdata[$author_id]->user_nicename; + if ( '' == $author_nicename ) { + $user = get_userdata($author_id); + if ( !empty($user->user_nicename) ) + $author_nicename = $user->user_nicename; + } $link = str_replace('%author%', $author_nicename, $link); $link = get_settings('home') . trailingslashit($link); } @@ -230,4 +233,4 @@ function wp_list_authors($args = '') { } } -?>
\ No newline at end of file +?> diff --git a/wp-includes/wp-db.php b/wp-includes/wp-db.php index 37f361a..03b3bc0 100644 --- a/wp-includes/wp-db.php +++ b/wp-includes/wp-db.php @@ -100,12 +100,14 @@ class wpdb { $EZSQL_ERROR[] = array ('query' => $this->last_query, 'error_str' => $str); + $str = htmlspecialchars($str, ENT_QUOTES); + $query = htmlspecialchars($this->last_query, ENT_QUOTES); // Is error output turned on or not.. if ( $this->show_errors ) { // If there is an error then take note of it print "<div id='error'> <p class='wpdberror'><strong>WordPress database error:</strong> [$str]<br /> - <code>$this->last_query</code></p> + <code>$query</code></p> </div>"; } else { return false; diff --git a/wp-includes/wpmu-functions.php b/wp-includes/wpmu-functions.php index b003adc..f40579d 100644 --- a/wp-includes/wpmu-functions.php +++ b/wp-includes/wpmu-functions.php @@ -502,13 +502,7 @@ function get_blog_status( $id, $pref ) { function get_last_updated( $display = false ) { global $wpdb; - $blogs = $wpdb->get_results( "SELECT blog_id, domain, path FROM $wpdb->blogs WHERE site_id = '$wpdb->siteid' AND last_updated != '0000-00-00 00:00:00' ORDER BY last_updated DESC limit 0,40", ARRAY_A ); - if( is_array( $blogs ) ) { - while( list( $key, $details ) = each( $blogs ) ) { - if( get_blog_status( $details[ 'blog_id' ], 'archived' ) == '1' ) - unset( $blogs[ $key ] ); - } - } + $blogs = $wpdb->get_results( "SELECT blog_id, domain, path FROM $wpdb->blogs WHERE site_id = '$wpdb->siteid' AND public = '1' AND archived = '0' AND mature = '0' AND spam = '0' AND deleted = '0' AND last_updated != '0000-00-00 00:00:00' ORDER BY last_updated DESC limit 0,40", ARRAY_A ); return $blogs; } @@ -1365,4 +1359,9 @@ SITE_NAME" ); wp_mail($user->user_email, $subject, $message, $message_headers); } +function get_current_site() { + global $current_site; + return $current_site; +} + ?> diff --git a/wp-login.php b/wp-login.php index 135d6b7..fbf332b 100644 --- a/wp-login.php +++ b/wp-login.php @@ -92,7 +92,7 @@ if ($error) break; case 'retrievepassword': - $user_data = get_userdatabylogin($_POST['user_login']); + $user_data = get_userdatabylogin(trim($_POST['user_login'])); // redefining user_login ensures we return the right case in the email $user_login = $user_data->user_login; $user_email = $user_data->user_email; |